package com.mj.mes.config.shiro;

import com.mj.mes.system.SysResource.SysResource;
import com.mj.mes.system.SysRole.SysRole;
import com.mj.mes.system.SysUser.SysUser;
import com.mj.mes.system.SysUser.SysUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;

import java.util.HashSet;
import java.util.Set;

/**
 * Created by Administrator on 2017/3/16.
 */
public class UserRealm extends AuthorizingRealm {
    @Autowired
    private SysUserService sysUserService;
    /**
     * 为当前用户赋予角色与权限
     *
     * @param principals
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        // 根据用户名查询当前用户拥有的角色
        Set<SysRole> roles = sysUserService.getRolesBySysUserName(username);
        Set<String> roleNames = new HashSet<String>();
        for (SysRole role : roles) {
            roleNames.add(role.getRoleName());
        }
        // 将角色名称提供给info
        authorizationInfo.setRoles(roleNames);
        // 根据角色查询当前用户权限
        Set<SysResource> sysresources = sysUserService.getResourceBySysUserName(username);
        Set<String> sysresourceNames = new HashSet<String>();
        for (SysResource sysresource : sysresources) {
            if(sysresource != null && !StringUtils.isEmpty(sysresource.getResourcePermission())) {
                sysresourceNames.add(sysresource.getResourcePermission());
            }
        }
        // 将权限名称提供给info
        authorizationInfo.setStringPermissions(sysresourceNames);
        return authorizationInfo;
    }

    /**
     * 验证当前用户
     *
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String username = (String) authenticationToken.getPrincipal();
//        Set<SysRole> roles1 = sysuserservice.getRolesBySysUserName(username);
        SysUser user = sysUserService.findOne(username);
        if (user == null) {
            // 用户名不存在抛出异常
            throw new UnknownAccountException();
        }
        if (user.getUserAvailable() == 1) {
            // 用户被管理员锁定抛出异常
            throw new LockedAccountException();
        }
        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(user.getUserName(),
                user.getUserPassword(),
                ByteSource.Util.bytes(user.getUserName()+user.getUserSalt()),
                getName());
        return authenticationInfo;
    }
}
